<?php
class paypalclass {

	function paypalclass() {
		global $setupdata, $mysqlclass, $paymentclass;
		$this->setupdata=$setupdata;
		$this->mysqlclass=$mysqlclass;
		$this->paymentclass=$paymentclass;
	}
	
	function send_order_to_gateway($data, $post, $id){
		$post['order_amount'] = $this->paymentclass->amount_convert($post['order_amount'], $data['VK_CURR']);
		$data['VK_REF'] = $id;
		$data['VK_RETURN'] = $this->setupdata['base_href']."/index.php?module=payment&gateway=paypal&act=return";
		$data['VK_STAMP'] = $post['order_id'];
		$data['VK_AMOUNT'] = $post['order_amount'];
		$data['VK_MSG'] = $post['mess']." (".$data['VK_STAMP'].")";
		if (!isset($data['VK_CERT'])) $data['VK_CERT'] = "";
		$data['VK_MAC'] = $this->get_mac($data);
		print_r('
			<form name="payment" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_paypal">
			<input type="hidden" name="cmd" value="_s-xclick">
			<input type="hidden" name="encrypted" value="'.$data['VK_MAC'].'">
			</form>
			<script language="javascript1.4" type="text/javascript">document.payment.submit();</script>
		');
	}
	
	function get_post_data_string($data){
		$result = "cmd=_xclick\nbusiness=".$data['VK_ACC']."\nitem_name=".$data['VK_MSG'].
		"\ncurrency_code=".$data['VK_CURR']."\nno_shipping=1\nno_note=1\ninvoice=".$data['VK_REF'].
		"\nreturn=".$data['VK_RETURN']."&result=ok\ncancel_return=".$data['VK_RETURN']."&ressult=bad".
		"\nnotify_url=".$data['VK_RETURN']."&result=notify\namount=".$data['VK_AMOUNT']."\ncert_id=".$data['VK_CERT']."\n";
		return $result;
	}
	
	function get_mac($data){
		$str = $this->get_post_data_string($data);
		$fp = fopen($this->setupdata['smarty_compile_dir']."message", "w");	fwrite($fp, $str); fclose($fp);
		if (!@openssl_pkcs7_sign(
			$this->setupdata['smarty_compile_dir']."message",
			$this->setupdata['smarty_compile_dir']."out",
			$data['KEY_PUBL'],
			array($data['KEY_PRIV'], $data['VK_PASS']),
			array(), PKCS7_BINARY)
		) return "x";
		
		$dataz = file_get_contents($this->setupdata['smarty_compile_dir']."out");
		$dataz = explode("\n\n", $dataz);
		$dataz = base64_decode($dataz[1]);
		$fp = fopen($this->setupdata['smarty_compile_dir']."out", "w"); fwrite($fp, $dataz); fclose($fp);
		
		if (!openssl_pkcs7_encrypt(
			$this->setupdata['smarty_compile_dir']."out",
			$this->setupdata['smarty_compile_dir']."encrypted",
		  	$data['KEY_PAYPAL'], array(), PKCS7_BINARY)
		) return "y";

		$data = file_get_contents($this->setupdata['smarty_compile_dir']."encrypted");
		$data = explode("\n\n", $data);
		$data = $data[1];
		$data = str_replace("\n", "", $data);
		$data = "-----BEGIN PKCS7-----".$data."\n-----END PKCS7-----";
		
		@unlink($this->setupdata['smarty_compile_dir']."message");
		@unlink($this->setupdata['smarty_compile_dir']."out");
		@unlink($this->setupdata['smarty_compile_dir']."encrypted");
		return $data;
	}
	
	function order_notify($post){
		$data = $this->paymentclass->get_gateway_data('paypal');
		$req = 'cmd=_notify-validate';
		foreach ($post as $key => $value) {
			$value = urlencode(stripslashes($value));
			$req .= "&$key=$value";
		}
		$header = "";
		$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
		$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
		$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
		if ($fp) {
			fputs ($fp, $header . $req);
			while (!feof($fp)) {
				$res = fgets ($fp, 1024);
				$message = "";
				if (strcmp ($res, "VERIFIED") == 0) {
					if (
						(isset($post['payment_status']) && ($post['payment_status'] == 'Completed')) && 
						(isset($post['receiver_email']) && ($post['receiver_email'] == $data['VK_ACC'])) && 
						(isset($post['mc_currency']) && ($post['mc_currency'] == $data['VK_CURR'])) && 
						(isset($post['invoice'])) && (isset($post['payment_gross']))
						){
						$invoice_data = $this->paymentclass->get_invoice_data($post['invoice'], 'paypal');
						if ($post['payment_gross'] == $invoice_data['amount']){
							$this->paymentclass->set_invoice_status($post['invoice'], 'pay');
						} else {
							$this->paymentclass->set_invoice_status($post['invoice'], 'error');
						}
					} else {
						$this->paymentclass->set_invoice_status($post['invoice'], 'error');
					}
				} elseif (strcmp ($res, "INVALID") == 0) {
					if (isset($post['invoice'])) {
						$this->paymentclass->set_invoice_status($post['invoice'], 'notpay');
					}
				}
			}
			fclose ($fp);
		}
	}
	
	function order_cancel(){
		if ((isset($_GET['inv'])) && (intval($_GET['inv']) > 0)){
			$this->paymentclass->set_invoice_status($_GET['inv'], 'notpay');
		}
	}
	
}
?>